By Daniel Chapman, Hugh Miller, Katia Pascarella and Lynnette Withfield (Structural Policy Division).
- Being overexposed to a single counterparty or a group of connected counterparties poses a risk to the safety and soundness of banks and also has implications for financial stability. Both internationally and in the UK, a large exposure (LE) framework is in place to limit the maximum loss a bank could face in the event of sudden counterparty failure.
- First introduced in statute in 1987, the UK LE framework evolved after the 2008 financial crisis. Since then, among other changes, UK banks have had to reduce their exposures to cross-border intragroup entities as well as their exposures to other banks.
- The Prudential Regulation Authority (PRA) receives data on large exposures from all the banks it supervises. This allows us to analyse risks to specific banks and to gain insights on potential vulnerabilities in the financial system.
Regulators across the world recognise that monitoring banks’ large exposures is necessary for sound prudential regulation and effective supervision of banks and banking systems. The respective failures of Johnson Matthey Bankers (Box A) in the 1980s and Lehman Brothers in the 2000s were catalysts for the introduction of the LE framework and its subsequent development in the UK. Regulation exists for both large exposures to third-party counterparties and large exposures to a bank’s own group (intragroup exposures).
This article looks at the current LE regime in the UK and how it has evolved over time to become a key element of financial services regulation. It addresses key concepts such as how the LE framework treats a group of connected counterparties (Box B) and how banks calculate total exposures to a counterparty.
In 1605 Miguel de Cervantes Saavedra, the Spanish novelist, coined the popular phrase advising that you should not put all your eggs in one basket. This saying holds true today in the world of finance, not just for individuals considering their own investments, but also for banks to limit the maximum loss they could face in the event of the failure of one of their counterparties.
It is not prudent for banks to allow themselves to be in a position whereby the failure of one counterparty could cause them to become insolvent. When a bank fails, it can create problems for the wider economy, so we, alongside the international regulatory community, have developed a framework for banks that addresses this risk.
At the heart of the LE framework is the requirement that banks must limit their total exposures to any single counterparty to 25% of the bank’s eligible capital. This serves as a complement to the risk-based capital requirements that regulators set for banks. The Basel Committee on Banking Supervision’s minimum capital requirements are calculated using a risk model that assumes banks have well diversified portfolios. Although in the UK a concentration risk adjustment is made for capital requirements purposes, these adjustments are not designed to protect a bank from a sudden default by a counterparty.
During the 2001 crisis of the Fiat automotive group a regulatory limit for large exposures served as an effective backstop. Although Fiat asked for more credit support, Italian banks could not extend any further credit because it would have caused these banks to breach their LE limit. This forced the Fiat group to consider other financial measures. The board of directors eventually approved a capital increase of more than €1 billion in mid-January 2002 and authorised the issuance of US$2.2 billion of bonds convertible into General Motors stock. This ultimately helped the group diversify its sources of financing and lower its borrowing costs.
The LE framework also limits a bank’s exposure to another bank and this plays an important role in enhancing financial stability. It should help to mitigate investors’ concerns that material losses in one bank could spread to other banks as it would prevent banks from being overly exposed to each other, or to the same counterparties, therefore reducing contagion risk. Basel has also introduced a smaller LE limit between global systemically important banks.
Box A: The failure of Johnson Matthey Bankers and the early development of the UK LE framework
Johnson Matthey Bankers (JMB) was a banking, gold bullion and commodity trading entity that, in the early 1980s, started to expand its commercial lending business. As a result, JMB’s loan and overdraft portfolio rose from £34 million in 1980 to £309 million in March 1984 and continued to grow rapidly during the first half of 1984.
A substantial part of this growth was due to the rapid increase of exposures to two of JMB’s largest commercial counterparties. By June 1984, the size of these exposures reached 76% and 39% of JMB’s capital base respectively (compared to 26% and 17% respectively in June 1983). When in 1984, these debts had begun to look doubtful, JMB decided to lend more to the two counterparties, hoping that additional funds would help the debtors to trade themselves out of trouble. However, JMB did not make the required provisions against these two large exposures and it became clear that JMB would no longer be able to carry on trading. In October 1984, the Bank of England purchased Johnson Matthey Bankers Limited.
It was largely as a result of the JMB failure that the UK implemented, through the 1987 Banking Act, a statutory requirement that there should be limits to a bank’s exposure to a single counterparty of 25% of its available capital resources. Prior to this UK incorporated banks were only expected to, but not statutorily required to, inform the Bank of England of their large exposures. In January 1991 Basel also agreed that 25% was the appropriate limit for large exposures, describing large exposures as ‘probably the major single cause of bank failures’.
In 1992 the European Commission adopted the Large Exposures Directive, which was broadly similar to the UK regime. Currently, much of the LE framework is set out in the Capital Requirements Regulation, which took effect in January 2014.
How does the LE framework define exposures and eligible capital?
The LE framework generally considers an exposure to be all assets and off balance sheet items, without applying risk weights or degrees of risk, where the bank can lay a claim against a counterparty. This includes items such as investments in securities, loans to customers and guarantees.
Some assets are excluded from this definition, such as certain equity investments in other companies, which banks need to automatically deduct from their capital given the high risk involved. Deducting an exposure from capital indirectly limits the exposure, as banks have to preserve their capital requirements, meaning an LE limit is not needed. An exposure is considered a large exposure if it is equal to or higher than 10% of a bank’s eligible capital.
In January 2019, the 1991 Basel standards on large exposures were replaced by new standards for measuring and controlling large exposures. Before the introduction of these new standards, many countries limited large exposures in relation to a bank’s total available capital resources. This included capital that is available to absorb losses on a ‘going concern’ basis (ie Tier 1 capital) and capital that is available on a ‘gone concern’ basis (ie Tier 2 capital). Given that Tier 2 capital is generally only available when a bank is no longer viable, it is not appropriate for large exposure regulation purposes. The new Basel standards therefore limit large exposures to 25% of Tier 1 capital only.
The UK framework currently partially limits the eligibility of Tier 2 capital to a portion that is equal to or less than one third of Tier 1 capital. The PRA welcomes the 2019 Basel amendment and expects the UK to implement the full exclusion of Tier 2 capital in due course.
If a bank has eligible capital of £10 billion, any exposure equal to or over £1 billion (ie 10% of eligible capital) would be considered a large exposure and the bank’s LE limit would be £2.5 billion (ie 25% of eligible capital) (Figure 1). This means that the total exposure that a bank could have to a single counterparty or a group of connected counterparties cannot be more than £2.5 billion. A small bank with eligible capital of £10 million would have to classify any exposure of £1 million or more as large and the LE limit would be £2.5 million.
Figure 1 The LE limit in practice
The Basel standards only apply to internationally active banks and jurisdictions have the option to develop a different approach for banks that usually fall outside of the scope of the Basel framework. It is important to emphasise that for banks with a much higher capital base the 25% limit is not small and it allows them to still have significant exposures to single counterparties relative to small banks. To have a more proportionate approach, and considering that small banks are less likely to have a systemic impact, banks with capital below or equal to €600 million can apply higher limits, but only in relation to exposures to other banks.
The higher limit is set at a maximum of 100% of eligible capital. This recognises the disproportionate impact that the LE framework could have on smaller banks, given the impracticalities of having to diversify their assets held for liquidity purposes across a number of other banks. It also recognises that small banks often have limited access to money markets. Exposures to counterparties that are not banks remain subject to the 25% LE limit.
Box B: What is a group of connected counterparties?
If a bank has exposures to two individuals within a family where both parties rely on one income, is it prudent to treat these as two different exposures? Similarly, if a bank has exposures to three separate banks that are all owned or controlled by the same parent entity, is it appropriate to treat these as separate exposures? What about exposures to counterparties that are all owned and controlled by the same government entity?
The concept of single risk is essential in the LE framework. Counterparties must be grouped and considered a single risk for large exposure purposes if they are interconnected by a control relationship or by some form of economic dependency. Exposures to two or more counterparties should be aggregated if one has control over the other, either directly (usually via ownership) or indirectly. The reason for considering these as a single risk is that, if the controlling entity is experiencing financial difficulties, it is likely that it could make use of its rights to extract capital or liquidity from the subsidiary entity, thereby weakening the financial position of the subsidiary.
Even if no control element exists, banks should consider any potential economic dependencies among counterparties. Counterparties should be connected and treated as a single risk if it is likely that the financial problems of one counterparty could cause financial difficulties for the others in terms of full and timely repayment of liabilities.
When it comes to exposures to counterparties that are owned by a government, banks may choose an alternative approach to grouping entities for LE purposes. This approach is explained in the European Banking Authority’s guidance on connected counterparties.
Gross versus net exposures and credit risk mitigation techniques
A bank’s net exposure to a counterparty is the gross exposure after applying any credit provisions, accounting valuation adjustments, credit risk mitigation techniques and exemptions. Banks measure their total net exposures to a counterparty against the LE limit, as this is considered the maximum amount they could lose if a counterparty suddenly defaulted. For example, if a bank has a gross exposure of £50 million to a counterparty but receives £35 million of high-quality collateral (eg AAA-rated government bonds), the net exposure measured against the LE limit would be £15 million.
Banks still have to report any gross exposure equal to or above 10% of eligible capital. This provides supervisory oversight of how banks apply any credit risk mitigation techniques and exemptions. Exemptions to the LE limit are discussed later in this article.
Eligible credit risk mitigation techniques are commonly used to hedge or reduce credit risk. Credit risk mitigation can be either funded or unfunded. Funded credit risk mitigation techniques are where the bank either has the right to realise the value of an asset to cover losses in an event of default (eg collateral) or can reduce the exposure by an amount where the counterparty has a claim on the bank (eg netting agreements). Unfunded credit protection is where a third party guarantees all or part of an exposure. There are requirements in place to ensure that the quality of the collateral or the credit quality of the guarantor is sufficient to mitigate the risk.
Box C: What is a bank’s actual total exposure to a counterparty? Using the look-through and the substitution approaches
In some instances, it is not obvious to which counterparty a bank is exposed. This introduces two important additional concepts in the LE framework: the look-through approach and the substitution approach.
The look-through approach is applicable for exposures to structures with underlying assets, such as securitisation vehicles. Assuming a bank has a large exposure to Counterparty A and also holds investments in a securitisation vehicle that holds assets of Counterparty A, it is important to look through the structure to ensure all exposures to Counterparty A are correctly captured. The importance of this look-through approach was highlighted as part of the report on the failure of Barings Bank.
The substitution approach requires banks to limit both direct and indirect exposures to counterparties (eg when a counterparty provides a guarantee for an exposure to another counterparty). Assuming a bank has an exposure to Counterparty A, which is guaranteed by Counterparty B, it is important that the bank recognises the indirect exposure to Counterparty B.
This is especially important if the bank has additional direct large exposures to Counterparty B or Counterparty B provides guarantees for other exposures the bank might have. The importance of capturing and limiting indirect exposures became apparent during the financial crisis in 2008 when a large number of systemically important banks were indirectly exposed to American International Group as a credit protection provider. This was the main reason why Basel included a mandatory substitution approach in its latest standards, which came into effect in 2019.
These elements of the framework are also helpful in supporting financial stability as they ensure banks limit their exposures to counterparties that perform bank-like activities. These requirements are supplemented by specific guidelines for how banks should monitor their large exposures to the shadow-banking sector.
Are all exposures subject to LE limits?
Exposures to sovereigns are generally exempted from the LE regime. UK and EU regulation apply stricter sovereign exemptions than those set out in the Basel framework, where only exposures to sovereigns with a high credit rating are fully exempt from LE limits. The appropriate future regulatory treatment of sovereign exposures has recently been discussed by the Basel Committee on Banking Supervision.
In addition to the sovereign exemption, intraday interbank exposures are exempt from LE limits. This is to avoid disturbances in payment and settlement processes. Banks’ exposures to qualifying central counterparties (CCPs) related to clearing activities are also exempt. Certain exposures to covered bonds, up to 80% of the nominal value of the bonds, are also not subject to LE limits.
In the UK, we also exempt certain intragroup exposures and exposures to non-exempt central banks and governments if the exposures are in the form of minimum required reserves or statutory liquidity requirements. Apart from intraday exposures, banks are still required to report all large exposures, regardless of whether the exposures are exempt from LE limits.
How does the LE framework treat a bank’s intragroup exposures?
Prior to the financial crisis, cross-border intragroup exposures were less constrained by the LE limit than they are today. Banks operating in the UK could have large exposures to foreign entities within their own group, which could significantly exceed their eligible capital.
However the financial crisis, and in particular the collapse of Lehman Brothers in 2008, revealed weaknesses in the both the regulatory framework and supervision of banks — especially ones with cross-border entities. The collapse of Lehman Brothers highlighted risks arising from intragroup exposures as they are not always made on an arm’s length basis and may continue to be extended even when it is not prudent to do so. An additional risk exists for intragroup exposures that cross national boundaries, due to differing insolvency regimes and depositor protection schemes in other jurisdictions.
Consequently, in 2010 the Financial Services Authority introduced an intragroup limit for cross-border exposures of 100% of capital to address these market failures in the event of stresses occurring in the rest of the group. This complemented a number of other important reforms, such as the introduction of the resolution regime. The policy to limit cross-border intragroup exposures has been refined since 2010 but we still consider maintaining a limit to be a prudent approach.
The cross-border intragroup LE limit forms part of the PRA framework for applying prudential requirements to banking groups. Our policy is designed to reduce intragroup contagion risk and ensure that resources are located close to risks, helping ensure that banks remain resilient.
However, we also want to, where appropriate, allow banks to benefit from being part of a broader group operating in a dynamic and open UK financial services sector. This is why in certain scenarios we do not apply the 25% LE limit to intragroup exposures. Banks can apply for two types of intragroup permissions (see explanation below, Figure 2 and Table A).
(1) Within the UK:
Banks can have unlimited exposures to entities established in the UK that meet all the necessary conditions. We refer to these entities as the core UK group (CUG). Banks may apply a 0% risk weight to all exposures to entities included in its CUG permission for capital requirement purposes.
Banks can exempt (up to a 100% of eligible capital) all exposures to cross-border intragroup entities that are included in a non-core large exposures group (NCLEG) permission. These entities have to meet similar conditions as for CUG permissions, but remain subject to standard capital requirements.
All intragroup entities not included in either a CUG or an NCLEG permission are treated as exposures to third parties and are subject to the 25% LE limit on an aggregate basis. In addition, since 1 January 2019, large banks (those with core deposits over £25 billion) must legally separate or ‘ring-fence’ some of their banking services from other parts of the bank. In order to support this objective, the PRA expects that only entities within a ring-fenced bank’s subgroup will be included in the ring-fenced bank’s CUG and NCLEG permissions.
Figure 2 The relationship between banks within a group structure
Table A Majority of the UK’s biggest banks have permission to breach the LE limit for some intragroup exposures
PRA regulated firms type (a)
Percentage of firms with CUG permissions
Percentage of firms with NCLEG permissions
Average number of entities within a CUG
Average number of entities within an NCLEG
Category 1 international banks
Category 2–5 international banks
Sources: Financial Services Register data as at 31 December 2019 and Bank calculations.
(a) For further information on how the PRA categorises banks, see page 12 of the PRA’s approach to banking supervision.
Regulatory reporting for large exposures
Banks are required to submit regulatory returns on a quarterly basis. These returns must include all of their large exposures, both on a gross and net basis, demonstrating that banks are complying with the large exposure requirements. Although the PRA monitors any breaches to LE limits, banks must report any breaches without delay to the PRA, which may allow a bank a limited period to bring the exposure within the required limits. Breaches to the LE limit are only tolerated in exceptional cases. In other cases, normal enforcement considerations will apply.
We also use the large exposure data submitted by banks to undertake sector-wide analysis of bank exposures. For example, Tables B and C display the reported geographic concentration of both third-party and intragroup large exposures for the biggest UK banks operating in the UK. This provides useful insights into the potential vulnerabilities of specific UK banks and the sector as a whole.
Table B Geographical distribution of third-party large exposures for the largest banks operating in the UK
Country (top nine)
Net exposure (£ millions)
Sources: Regulatory returns and Bank calculations.
Table C Geographical distribution of intragroup large exposures for the largest banks operating in the UK
Country (top three)
Net exposure(a) (£ millions)
Sources: Regulatory returns and Bank calculations.
(a) Based on exposures to NCLEG entities.
Bank failures in the 1980s and 1990s demonstrated the need for regulators to set prudent limits on large exposures to a single counterparty or a group of connected counterparties. This limit is set at 25% of a bank’s eligible capital. It supports the PRA objective of promoting the safety and soundness of the banks it regulates. It also supports broader financial stability by mitigating investors’ concerns that material losses in one bank could spread to others if those banks were overexposed to each other, or to the same counterparties.
The LE framework introduces important concepts to meet its objective. The concept of a group of connected counterparties requires banks to aggregate individual exposures if they pose a single risk to the institution. Banks are also required to correctly identify and report all direct and indirect exposures to counterparties, in accordance with the look-through and substitution approaches.
However, banks’ exposures to certain counterparties, such as highly rated sovereigns, public sector entities and qualifying CCPs, are fully exempt from the LE limit. The LE framework also allows for a higher limit for small banks’ exposures to other banks.
Subject to PRA permission, banks can also fully exempt intragroup exposures within the UK, while cross-border intragroup exposures can be exempt up to 100% of the bank’s eligible capital. The limit on cross-border intragroup exposures aligns with the principles set out in the PRA policy, which aims to minimise intragroup contagion risk and ensure that resources are located close to risks.
Banks have to report their large exposures on a quarterly basis. We use large exposure data submitted by banks to support sector-wide analysis of bank exposures.
The LE framework is a key part of UK financial regulation that has evolved to reflect the changing financial landscape in the wake of the financial crisis. For regulators, both in the UK and beyond, having a clearer picture of banks’ exposures is crucial to ensure past mistakes are not repeated.
See page 1 of the Basel Committee on Banking Supervision’s supervisory framework for measuring and controlling large exposures.
See Article 395(1) of EU regulation No 575/2013.
The Basel Committee on Banking Supervision is the primary global standard setter for the prudential regulation of banks and provides a forum for regular co-operation on banking supervisory matters. Its 45 members comprise central banks and bank supervisors from 28 jurisdictions.
See Annex I of the Committee of European Banking Supervisor’s 2007 advice to the European Commission on large exposures.
For further information on JMB’s failure, see page 33, Bank of England Annual Report, 1985.
See Article 38(1) of the 1987 Banking Act.
For further information on the development of the 1991 Basel standards: Goodhart, C (2011), ‘The Basel Committee on Banking Supervision: a history of the early years, 1974-97’.
This previous Quarterly Bulletin article introduces the concepts of capital and liquidity.
Given that the threshold of large exposures is so high for big banks, banks are also required to report all exposures that are over €300 million as part of LE regulatory reporting.
European Banking Authority guidelines on groups of connected counterparties outline criteria for institutions for defining a group of counterparties as significantly connected.
See Title II, Chapter 4 of EU regulation No 575/2013.
In 2020, the PRA published statements regarding the credit risk mitigation eligibility of the UK Government’s Covid-19 support schemes.
See how European legislation treats underlying assets.
Intragroup exposures are not within the scope of the Basel standards.
PRA’s supervisory statement on large exposures.
See Banking Act 2009 for details of special resolution regime.
In 2014, the PRA also adopted rules on exposures to related parties to address the risk that intragroup exposures are not always made on an arm’s length basis.
Entities have to meet certain conditions to be included in a core UK group (CUG) or a non-core large exposures group (NCLEG) permission. All the entities must be included in the same consolidation as the bank on a full basis, must be classified as a financial institution, institution or ancillary services undertaking, must be subject to the same risk management and control procedures as the banks and there must be no impediment to the transfer of funds or repayment of liabilities from the entity to the bank.
The term subgroup is an example of consolidation whereby a group of separate legal entities within a banking group are brought together for the purposes of prudential regulation and supervision. For more information on consolidation, see Bank of England Staff Working Paper No. 625.
LE reporting submitted under the Common Reporting framework.
See the PRA’s approach to enforcement.